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Amendments to the Claims 

This listing of claims will replace all prior versions, and listings, of claims in the 
application. 

Listing of Claims: 

Claims 1 - 41 (Cancelled) 

42. (New) A method for improving security in a computer network utilizing password-based 
access, the method comprising: 

signing a phrase using a private key assigned to a remote user; 
associating the signed phrased with the remote user; and 

storing the private key assigned to the remote user in a key chain of a provided security 
chip, wherein the key chain is formed by wrapping the private key assigned to the remote user 
using at least one key pair assigned to the computer network and wrapping the at least one key 
pair assigned to the computer network using an encryption key assigned to the provided security 
chip. 

43. (New) The method of claim 42, wherein the phrase is a password of the remote user. 

44. (New) The method of claim 42, wherein the phrase is separate from a password of the 
remote user. 
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45. (New) The method of claim 42, further comprising: 

using the signed phrase associated with the remote user to determine whether to grant the 
remote user access to the computer network. 

46. (New) The method of claim 42, wherein the at least one key pair assigned to the 
computer network comprises at least one child key pair, at least one parent key pair, and at least 
one grandparent key pair, and wherein the key chain is formed by wrapping the private key 
assigned to the remote user using the at least one child key pair, wrapping the at least one child 
key pair using the at least one parent key pair, wrapping the at least one parent key pair using the 
at least one grandparent key pair, and wrapping the at least one grandparent key pair using the 
encryption key assigned to the provided security chip. 

47. (New) The method of claim 42, wherein the private key assigned to the remote user, the 
encryption key assigned to the provided security chip, and the at least one key pair assigned to 
the computer network are created within the provided security chip. 

48. (New) The method of claim 42, wherein both the private key assigned to the remote user 
and the encryption key assigned to the provided security chip are known only to the provided 
security chip. 

49. (New) The method of claim 42, wherein the provided security chip is a Trusted Platform 
Module (TPM). 
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50. (New) The method of claim 42, further comprising: 
storing the signed phrase associated with the remote user. 

51. (New) A computer readable medium including a computer program for improving 
security in a computer network utilizing password-based access, the computer program 
comprising instructions for: 

signing a phrase using a private key assigned to a remote user; 
associating the signed phrased with the remote user; and 

storing the private key assigned to the remote user in a key chain of a provided security 
chip, wherein the key chain is formed by wrapping the private key assigned to the remote user 
using at least one key pair assigned to the computer network and wrapping the at least one key 
pair assigned to the computer network using an encryption key assigned to the provided security 
chip. 

52. (New) The computer readable medium of claim 51, wherein the phrase is a password of 
the remote user. 

53. (New) The computer readable medium of claim 51, wherein the phrase is separate from a 
password of the remote user. 

54. (New) The computer readable medium of claim 51, wherein the computer program 
further comprises instructions for: 



Attorney Docket: RPS920010152US1/2303P 

using the signed phrase associated with the remote user to determine whether to grant the 
remote user access to the computer network. 

55. (New) The computer readable medium of claim 51, wherein the at least one key pair 
assigned to the computer network comprises at least one child key pair, at least one parent key 
pair, and at least one grandparent key pair, and wherein the key chain is formed by wrapping the 
private key assigned to the remote user using the at least one child key pair, wrapping the at least 
one child key pair using the at least one parent key pair, wrapping the at least one parent key pair 
using the at least one grandparent key pair, and wrapping the at least one grandparent key pair 
using the encryption key assigned to the provided security chip. 

56. (New) The computer readable medium of claim 51, wherein the private key assigned to 
the remote user, the encryption key assigned to the provided security chip, and the at least one 
key pair assigned to the computer network are created within the provided security chip. 

57. (New) The computer readable medium of claim 51, wherein both the private key 
assigned to the remote user and the encryption key assigned to the provided security chip are 
known only to the provided security chip. 

58. (New) The computer readable medium of claim 51, wherein the provided security chip is 
a Trusted Platform Module (TPM). 
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59. (New) The computer readable medium of claim 51, wherein the computer program 
further comprises instructions for: 

storing the signed phrase associated with the remote user. 

60. (New) A system for improving security in a computer network utilizing password-based 
access, the system being operable to: 

sign a phrase using a private key assigned to a remote user; 
associate the signed phrased with the remote user; and 

store the private key assigned to the remote user in a key chain of a provided security 
chip, wherein the key chain is formed by wrapping the private key assigned to the remote user 
using at least one key pair assigned to the computer network and wrapping the at least one key 
pair assigned to the computer network using an encryption key assigned to the provided security 
chip. 

61 . (New) The system of claim 60, wherein the phrase is a password of the remote user. 

62. (New) The system of claim 60, wherein the phrase is separate from a password of the 
remote user. 

63. (New) The system of claim 60, wherein the system is further operable to: 

use the signed phrase associated with the remote user to determine whether to grant the 
remote user access to the computer network. 
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64. (New) The system of claim 60, wherein the at least one key pair assigned to the computer 
network comprises at least one child key pair, at least one parent key pair, and at least one 
grandparent key pair, and wherein the key chain is formed by wrapping the private key assigned 
to the remote user using the at least one child key pair, wrapping the at least one child key pair 
using the at least one parent key pair, wrapping the at least one parent key pair using the at least 
one grandparent key pair, and wrapping the at least one grandparent key pair using the encryption 
key assigned to the provided security chip. 

65. (New) The system of claim 60, wherein the private key assigned to the remote user, the 
encryption key assigned to the provided security chip, and the at least one key pair assigned to 
the computer network are created within the provided security chip. 

66. (New) The system of claim 60, wherein both the private key assigned to the remote user 
and the encryption key assigned to the provided security chip are known only to the provided 
security chip. 

67. (New) The system of claim 60, wherein the provided security chip is a Trusted Platform 
Module (TPM). 

68. (New) The system of claim 60, wherein the system is further operable to: 
store the signed phrase associated with the remote user. 
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